diff options
author | Marcel Holtmann <marcel@holtmann.org> | 2015-03-14 19:28:03 -0700 |
---|---|---|
committer | Johan Hedberg <johan.hedberg@intel.com> | 2015-03-15 09:58:56 +0200 |
commit | c927a10487477eeed0441e5c88147700e69e5db9 (patch) | |
tree | 3b5b4cf14ad95ef992e08930105ec707619050bc /net | |
parent | 7aea8616cd26d138b0696ba5605751fb21ee970f (diff) | |
download | op-kernel-dev-c927a10487477eeed0441e5c88147700e69e5db9.zip op-kernel-dev-c927a10487477eeed0441e5c88147700e69e5db9.tar.gz |
Bluetooth: Add support for trust verification of management commands
Check the required trust level of each management command with the trust
level of the management socket. If it does not match up, then return the
newly introduced permission denied error.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Diffstat (limited to 'net')
-rw-r--r-- | net/bluetooth/mgmt.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c index 2162f7b..920acf0 100644 --- a/net/bluetooth/mgmt.c +++ b/net/bluetooth/mgmt.c @@ -6379,6 +6379,13 @@ int mgmt_control(struct hci_mgmt_chan *chan, struct sock *sk, handler = &chan->handlers[opcode]; + if (!hci_sock_test_flag(sk, HCI_SOCK_TRUSTED) && + !(handler->flags & HCI_MGMT_UNTRUSTED)) { + err = mgmt_cmd_status(sk, index, opcode, + MGMT_STATUS_PERMISSION_DENIED); + goto done; + } + if (index != MGMT_INDEX_NONE) { hdev = hci_dev_get(index); if (!hdev) { |